﻿using B.S.DataBasic.Infrastructure.Medi;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

namespace B.S.DataBasic.Read.API.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class LoginController : ControllerBase
    {
        private readonly LoginMediator _loginMediator;
        public LoginController(LoginMediator loginMediator)
        {
            _loginMediator = loginMediator;
        }
        [HttpPost]
        public IActionResult GetUsers([FromBody] UserRequest request)
        {
            var currentUser = _loginMediator.GetUserByUsername(request.Username);
            if (currentUser == null)
            {
                return Unauthorized("用户未登录");
            }
            var isAdmin = currentUser.Role.Permissions.Any(p => p.Name == "ViewAllUsers");
            if (isAdmin)
            {
                var allUsers = _loginMediator.GetAllUsers();
                return Ok(allUsers);
            }
            else
            {
                return Ok(currentUser);
            }
        }
    }
    public class UserRequest
    {
        public string Username { get; set; }
    }
}

